1 to 25 of 198 Incident Response Jobs in the UK excluding London

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible … collaborating with organisation stakeholders in developing, updating, and enhancing a comprehensive set of tactical and operational cyber incident response documents, including the Incident Response Plan, Communication Plan, Incident Response Playbooks, and Containment & Eradication procedures. This engagement is focused on delivering high-quality, actionable documentation ...

experience Are you early in your cyber career but ready to step into a client-facing, people-focused role where you can put your incident response skills to work, develop your GRC knowledge, and learn how organisations really build and run their security programmes? We're looking … relevant operational controls. Conducting maturity assessments, gap analyses, and producing prioritised action plans. Supporting and sometimes facilitating workshops, discovery sessions, stakeholder interviews, and incident response tabletop exercises. Producing clear, high-quality reports, summaries, and client-ready deliverables under gentle guidance. Assisting with policy development, risk processes, audit readiness ...

days per week onsite) Competitive Salary Role details: Our client, a prominent organisation within the defence and security sector, is seeking a skilled Incident Responder to join their team in Stevenage or Bolton. This role is focused on leading digital forensics and incident response activities, while also … advancing adversarial exposure validation through red and purple team exercises. The successful individual will be critical in enhancing threat detection, response, and control strategies against real-world cyber threats within a high-security environment. Key Responsibilities: Lead digital forensics and incident response (DFIR) activities, maintaining lab readiness ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring … Techniques, and Procedures (TTPs). This is an ideal "next step" role for an experienced Cyber Analyst with a deep passion for high-stakes incident response, digital forensics, and threat mitigation. Compensation & Logistics Salary: £50,000 - £60,000 (depending on experience). Working Pattern: Dynamic (hybrid) working; minimum ...

Title: Cyber Investigation and Forensic Response Manager/Senior Manager Location: UK Level: Manager & Senior Manager Salary: Competitive Salary & Package (Dependent on Experience) Travel: Expected travel across UK and EMEA Please Note: Any offer of employment is subject to satisfactory BPSS and SC security clearance which requires 5 years … fastest growing areas of the business with significant growth plans through additional recruitment and acquisitions. Our global Cyber Investigation and Forensic Response (CIFR) practice is rapidly expanding in order to uniquely deliver around the clock incident response services to our expanding portfolio of enterprise customers. The sheer ...

business opportunities. Managing and completing Requests for Proposals (RFPs) and Requests for Information (RFIs). Work closely with internal teams – including the Cybersecurity Incident Response Team (CSIRT) and Security Operations Center (SOC) teams – to scope and design managed security solutions that meet customer needs. Define technical requirements … architectures for services such as 24x7 SOC monitoring, incident response workflows, identity management solutions, cloud security (SASE), and threat protection services. Translate customer needs into detailed technical proposals, statements of work, and solution diagrams/documentation. Develop and validate pricing for proposed solutions. Work with internal finance ...

safeguarding our digital assets and ensuring the resilience of our information systems. You will contribute to a secure environment by applying your expertise in incident response, risk management, and security guidelines. Key Accountabilities: Vulnerability & Exposure Management Leading efforts to identify, prioritise, and track vulnerabilities across cloud … materials, and briefings to enhance security maturity Offering excellent customer service by supporting various business units through best-practice guidance and responsive problem-solving Incident Response & Assurance Leading and participating in incident investigations to identify root causes and implement effective solutions Providing expert consulting on secure design ...

Investigator - Cyber Incident Response Location Flexible (UK) Please Note: Due to the nature of client work you will be undertaking, you will need to be willing to go through a Security Clearance process as part of this role, which requires 5+ years UK address history at the point … working with cutting-edge technologies and will have the opportunity to develop a wide range of new skills. At Accenture, our global Incident Response team takes on some of the hardest and most meaningful challenges in cyber security. When major organisations are breached, when ransomware hits the headlines ...

CYBER SECURITY OPERATIONS MANAGER - CHESTER (HYBRID) KEY POINTS Senior operational security leadership role Lead Security Operations, Incident Response & Vulnerability Management Hybrid working - minimum 2 days per week onsite in the Chester Area Competitive salary ABOUT THE CLIENT We're working with a well-established UK organisation recognised … responsible for leading the day-to-day operational security activities that protect the organisation's systems and data. You'll manage security monitoring, incident response, and vulnerability management processes, ensuring they remain effective, efficient, and aligned with industry best practice. A key part of the role will ...

ensuring the organisation's systems, networks, and data remain protected against evolving cyber threats. As the SecOps Lead, you will manage security monitoring and incident response activities while providing strategic direction for security tools including SIEM and Endpoint Detection & Response (EDR) platforms. You will work closely with … internal Security Operations team, overseeing daily operational activities and performance Define and implement the strategy and operational roadmap for security monitoring, detection, and response Own and manage the security incident response lifecycle, including investigation, containment, remediation, and post-incident reviews. Lead incident response efforts ...

Incident and Vulnerability Manager This role is for an experienced professional in vulnerability management and threat intelligence to join our Cyber Operations team. You will work closely with colleagues across the organisation to further mature and continuously improve our cyber defence capabilities. Cyber Operations forms part of a wider … intelligence products with internal and external stakeholders and use this intelligence to support vulnerability management and threat hunting activities. Additionally, you will contribute to incident response processes and provide support to colleagues responsible for the IPOs protection, detection, and response capabilities. if you have strong relevant expertise ...

title: Cyber Incident Response Consultant (Contractor) Contract: Six Months (possibility of extension) Location: Basingstoke (X3 days onsite; X2 working remote) Role Overview We are seeking an experienced Cyber Incident Response Consultant to support our cybersecurity function on a contract basis. The consultant will be responsible ...

delivery of cyber security across Total IT not just the strategy, but the execution. You will take full accountability for client security roadmaps, incident response, technical controls, and the day today running of our cyber capability. This role blends hands - on technical leadership with operational delivery. Youll … person who ensures this gets done. Responsibilities: Own client cyber security roadmaps: creation, prioritisation , scheduled review, and delivery. Lead and continually improve our incident response function including triage, containment, communications, and lessons learned. Drive remediation by working closely with Service Desk, Projects, and clients. Maintain robust security reporting ...

Head of IT Security to build and lead a multi-disciplinary security function that protects the entire organisation. From setting strategy to refining incident response, your impact will be felt across the business. The Role As the Head of IT you will build and lead a multi-disciplinary … security function that protects the entire organisation. From setting strategy to refining incident response, you will strengthen how to defend, detect, and respond, and be a leader who's ready to take the security function to the next level. This is a role for a visionary, a builder ...

than a purely cyber-focused profile. About the Role As Head of ISOC, you will own theday-to-day operational performanceofIntercityscustomerscorenetworkand securityservices fromavailability and incident response to security detection and escalation. We arelooking forsomeonewhocanpivotoursupport services fromreactive to proactive. Youwillbringinnovativeideasand automationthatwilltransform our serviceandenableour customers andchannel partnerstosee the benefits … Ensure network performance, availability, and fault resolution remainindustry-leading. Embed security operations as part ofoperational resilience, not a standalone function. Act as senior incident commander during major outages or security events. Drive operational maturity through tooling, automation, and process optimisation. Have the vision to improve the service workingcloselywith ...

Vitality BournemouthOffice.Full time, 35 hours per week. We are happy to discuss flexible working! Top 3 skills needed for this role: Security Operations Leadership & Incident Response Risk, Governance & Regulatory Compliance Technical Depth in Monitoring & Security Engineering What this role is all about: Join our dynamic, values-led organisation … CISO in delivering our security strategy, lead a team of analysts, and oversee key controls that protect member data. The role includes security monitoring, incident response, developing playbooks, and managing the CSIRT function. Key Actions Leadership and management of the Cyber Security Operations team Conducting cyber security maturity ...

Cyber Incident Responder - SC Cleared Remote, plus onsite delivery in Shrivenham 6 months initially scope to extend Inside of IR35 £550 per day This role focuses on analysing and responding to cyber threats using established tools and methodologies, supporting the clients cyber training through real-world operational insight. Ideal … industry cyber responders who can adapt quickly to their environments. What You'll Do Conduct analysis, threat investigation, and incident response Support the creation of real-world incident scenarios and exercises Provide technical expertise to learners and training teams Work on-site for delivery blocks ...

Security Operations Manager/SOC Lead to lead and develop their cyber security operations capability. The role will oversee SOC operations, threat detection, and incident response, while driving improvements across security monitoring, automation, and response processes. Key experience required: Strong experience in cyber security operations Strong experience … leading or mentoring SOC teams Strong knowledge of incident response and threat detection Experience with SIEM platforms such as LogRhythm, Splunk, or Microsoft Sentinel Familiarity with SOAR platforms, EDR/XDR tools (eg CrowdStrike, Defender, SentinelOne) and cloud security monitoring across Azure, AWS, or GCP Understanding of frameworks ...

Defining, implementing, and maintaining corporate security policies, standards, and procedures to ensure compliance with industry regulations, legal requirements (e.g., GDPR, HIPAA), and best practices. Incident Response and Management: Playing a key role in developing incident response plans and coordinating efforts to detect, analyse, and respond ...

primary onsite representative for SOC operations, working closely with senior stakeholders while coordinating with offshore security analysts to ensure effective monitoring, threat detection, and incident response. The successful candidate will play a vital role in strengthening cybersecurity operations, improving detection capabilities, and ensuring operational excellence across the Security Operations … stakeholders and the offshore SOC to ensure efficient handling of alerts, incidents, and operational requests. Oversee daily SOC operations, ensuring security monitoring, investigations, and response activities are delivered in line with agreed SLAs. Lead incident management for high-severity security events, coordinating across IT, infrastructure, and business teams. ...

Case Development: Develop and refine detection rules based on threat intelligence and attack patterns Continuously improve detection efficacy and reduce false positives Security Monitoring & Incident Response: Monitor systems for anomalies and malicious activity Contribute to threat hunting and incident response playbooks Provide expert guidance on securing ...

drive improvements to tools, processes, automation, and reporting to enhance programme maturity. Stay current with emerging vulnerabilities, zero-day threats, and vendor advisories. Support incident response activities where vulnerabilities are linked to potential security events. What Youll Bring Proven experience in vulnerability management, cyber security operations … SIEM, SOAR, EDR, and associated security tooling. Strong analytical skills with the ability to translate technical risk into clear, executive-level reporting. Experience supporting incident response and investigations. Excellent stakeholder management skills, with the confidence to challenge and influence both technical and non-technical teams. Strong understanding ...

enterprise-wide security strategy, and ensure resilience across all technology environments during a time of rapid change. You'll oversee governance, architecture, operations, and incident response, while working closely with senior leadership to safeguard critical systems, data, and digital services. Acting as a trusted advisor, you'll translate … drive a global information security strategy aligned to organisational priorities and risk appetite. Lead multidisciplinary teams spanning governance, risk, compliance, architecture, operations, and incident response. Embed recognised frameworks such as ISO 27001, NIST CSF, NIS2, and DORA into policies, processes, and technology platforms. Oversee security operations, including monitoring, threat ...

BRISTOL OR STEVENAGE - Sole British Citizen We are seeking a proactive CERT Incident Responder to lead our Digital Forensics and Incident Response (DFIR) readiness and drive our Adversarial Exposure Validation (AEV) program. This role is a unique hybrid of defensive response and proactive testing, ensuring ...

role in strengthening cyber resilience and protecting critical enterprise systems. This is a hands-on operational security role focused on threat detection, incident response and continuous improvement of security monitoring capabilities. The position of Cyber Security Analyst is suited to an experienced security professional who thrives in fast … alerts across SIEM platforms and ticketing systems, managing incidents through to resolution Participate in an on-call rota to support live security incidents Manage incident queues and approvals within IT service management tools Act as a subject matter expert for nominated security technologies, ensuring effective configuration and optimisation Support ...